forbid mentions in sigs

2025-12-04 05:36:57 +03:00
parent 062cab44bc
commit 73af2dc3b9
5 changed files with 10 additions and 4 deletions
--- a/app/init.py
+++ b/app/init.py
@@ -8,6 +8,7 @@ from .constants import (
    PermissionLevel, permission_level_string,
    InfoboxKind, InfoboxHTMLClass,
    REACTION_EMOJI, MOTD_BANNED_TAGS,
+    SIG_BANNED_TAGS,
    )
 from .lib.babycode import babycode_to_html, EMOJI, BABYCODE_VERSION
 from datetime import datetime
@@ -177,6 +178,7 @@ def create_app():
            "__emoji": EMOJI,
            "REACTION_EMOJI": REACTION_EMOJI,
            "MOTD_BANNED_TAGS": MOTD_BANNED_TAGS,
+            "SIG_BANNED_TAGS": SIG_BANNED_TAGS,
        }

    @app.context_processor
--- a/app/constants.py
+++ b/app/constants.py
@@ -51,6 +51,10 @@ MOTD_BANNED_TAGS = [
    'img', 'spoiler', '@mention'
 ]

+SIG_BANNED_TAGS = [
+    '@mention'
+]
+
 def permission_level_string(perm):
    return PermissionLevelString[PermissionLevel(int(perm))]

--- a/app/lib/babycode.py
+++ b/app/lib/babycode.py
@@ -252,7 +252,7 @@ def should_collapse(text, surrounding):
 def sanitize(s):
    return escape(s.strip().replace('\r\n', '\n').replace('\r', '\n'))

-def babycode_to_html(s, banned_tags={}):
+def babycode_to_html(s, banned_tags=[]):
    allowed_tags = set(TAGS.keys())
    if banned_tags is not None:
        for tag in banned_tags:
--- a/app/routes/users.py
+++ b/app/routes/users.py
@@ -10,7 +10,7 @@ from ..models import (
    BookmarkCollections, BookmarkedThreads,
    Mentions, PostHistory,
    )
-from ..constants import InfoboxKind, PermissionLevel
+from ..constants import InfoboxKind, PermissionLevel, SIG_BANNED_TAGS
 from ..auth import digest, verify
 from wand.image import Image
 from wand.exceptions import WandException
@@ -392,7 +392,7 @@ def settings_form(username):
    status = request.form.get('status', default="")[:100]
    original_sig = request.form.get('signature', default='').strip()
    if original_sig:
-        rendered_sig = babycode_to_html(original_sig).result
+        rendered_sig = babycode_to_html(original_sig, SIG_BANNED_TAGS).result
    else:
        rendered_sig = ''
    session['subscribe_by_default'] = request.form.get('subscribe_by_default', default='off') == 'on'
--- a/app/templates/users/settings.html
+++ b/app/templates/users/settings.html
@@ -39,7 +39,7 @@
        <input autocomplete='off' type='checkbox' id='subscribe_by_default' name='subscribe_by_default' {{ 'checked' if session.get('subscribe_by_default', default=true) else '' }}>
        <label for='subscribe_by_default'>Subscribe to thread by default when responding</label><br>
        <label for='babycode-content'>Signature</label>
-        {{ babycode_editor_component(ta_name='signature', prefill=active_user.signature_original_markup, ta_placeholder='Will be shown under each of your posts', optional=true) }}
+        {{ babycode_editor_component(ta_name='signature', prefill=active_user.signature_original_markup, ta_placeholder='Will be shown under each of your posts', optional=true, banned_tags=SIG_BANNED_TAGS) }}
        <input type='submit' value='Save settings'>
      </form>
    </fieldset>